jhanley-com · December 15, 2021 16:45
diff --git a/main.tf b/main.tf
 # Test code for the question: https://stackoverflow.com/q/65525116/8016720

 # Provides configuration details for the Azure Terraform provider
 provider "azurerm" {
  # !!! Must include features even if empty
  features {}
 }

 variable "appName" { default = "testAppName" }
 variable "subscriptionId" { default = "" }

 resource "azuread_application" "appReg" {
  name = var.appName
 }

 resource "azuread_service_principal" "example-sp" {
  application_id = azuread_application.appReg.application_id
 }

 resource "azuread_service_principal_password" "example-sp_pwd" {
  service_principal_id = azuread_service_principal.example-sp.id
  value                = "long-random-string"
  end_date             = "2021-06-02T01:02:03Z"
 }

 data "azurerm_subscription" "thisSubscription" {
  subscription_id = var.subscriptionId
 }

 resource "azurerm_role_assignment" "example-sp_role_assignment" {
  scope                = data.azurerm_subscription.thisSubscription.id
  role_definition_name = "Contributor"
  principal_id         = azuread_service_principal.example-sp.id
 }

 resource "azuread_application_app_role" "example-role" {
  application_object_id = azuread_application.appReg.id
  allowed_member_types  = ["User", "Application"]
  description           = "Admins can manage roles and perform all task actions"
  display_name          = "Admin"
  is_enabled            = true
  value                 = "administer"
 }

 output "application_id" {
  value = azuread_application.appReg.application_id
 }

 output "appId" {
  value = azuread_service_principal.example-sp.application_id
 }
	# Test code for the question: https://stackoverflow.com/q/65525116/8016720

	# Provides configuration details for the Azure Terraform provider
	provider "azurerm" {
	# !!! Must include features even if empty
	features {}
	}

	variable "appName" { default = "testAppName" }
	variable "subscriptionId" { default = "" }

	resource "azuread_application" "appReg" {
	name = var.appName
	}

	resource "azuread_service_principal" "example-sp" {
	application_id = azuread_application.appReg.application_id
	}

	resource "azuread_service_principal_password" "example-sp_pwd" {
	service_principal_id = azuread_service_principal.example-sp.id
	value = "long-random-string"
	end_date = "2021-06-02T01:02:03Z"
	}

	data "azurerm_subscription" "thisSubscription" {
	subscription_id = var.subscriptionId
	}

	resource "azurerm_role_assignment" "example-sp_role_assignment" {
	scope = data.azurerm_subscription.thisSubscription.id
	role_definition_name = "Contributor"
	principal_id = azuread_service_principal.example-sp.id
	}

	resource "azuread_application_app_role" "example-role" {
	application_object_id = azuread_application.appReg.id
	allowed_member_types = ["User", "Application"]
	description = "Admins can manage roles and perform all task actions"
	display_name = "Admin"
	is_enabled = true
	value = "administer"
	}

	output "application_id" {
	value = azuread_application.appReg.application_id
	}

	output "appId" {
	value = azuread_service_principal.example-sp.application_id
	}